[SGVLUG] Securing Apache

Joel Witherspoon joel.witherspoon at gmail.com
Wed Jul 26 11:40:49 PDT 2006


If this is a dumb question, let me know.

I'm running CentOS 4.3 with Apache 2 running as user:group Apache:Apache.

My /var/www directories are owned by root:root all at 755
My /etc/httpd directories are owned by root:root and at 755 except my logs,
modules and run - they are at 777

I'm not providing user directories
I am using the cgi-bin
I'm trying to secure my Apache system as much as possible.

Should I change the directory user:groups to apache:apache for the
/etc/httpd and /var/www, /var/cgi-bin?

What is the best way to secure apache with this setup?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.sgvlug.net/pipermail/sgvlug/attachments/20060726/648c9669/attachment.html


More information about the SGVLUG mailing list